Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/fgV_JeBERHr3GQU0RjgmCT4j0HM.roa
File: fgV_JeBERHr3GQU0RjgmCT4j0HM.roa (raw, json)
Hash identifier: 42rw9tFrCKARIx3P8hymciUe4n9lif+jtIQ2kqw6t3g=
Subject key identifier: 7E:05:7F:25:E0:44:44:7A:F7:19:05:34:46:38:26:09:3E:23:D0:73
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0191718C426DBDEDB257FA6E8857155D7834
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/fgV_JeBERHr3GQU0RjgmCT4j0HM.roa
Signing time: Tue 20 Aug 2024 20:48:23 +0000
ROA not before: Tue 20 Aug 2024 20:48:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6233
IP address blocks: 45.11.45.0/24 maxlen: 24
45.13.196.0/22 maxlen: 24
45.13.196.0/24 maxlen: 24
45.13.197.0/24 maxlen: 24
45.87.164.0/22 maxlen: 24
45.87.164.0/24 maxlen: 24
45.130.20.0/22 maxlen: 24
45.139.193.0/24 maxlen: 24
45.143.232.0/22 maxlen: 24
45.143.233.0/24 maxlen: 24
45.143.234.0/24 maxlen: 24
45.143.235.0/24 maxlen: 24
45.153.244.0/22 maxlen: 24
62.3.15.0/24 maxlen: 24
79.143.140.0/22 maxlen: 24
80.66.196.0/24 maxlen: 24
94.124.116.0/22 maxlen: 24
94.124.119.0/24 maxlen: 24
141.98.196.0/22 maxlen: 24
146.19.116.0/24 maxlen: 24
185.194.52.0/22 maxlen: 24
185.200.64.0/22 maxlen: 24
185.222.216.0/21 maxlen: 24
185.248.87.0/24 maxlen: 24
193.163.19.0/24 maxlen: 24
194.36.24.0/24 maxlen: 24
194.36.242.0/24 maxlen: 24
194.104.152.0/22 maxlen: 24
194.169.54.0/23 maxlen: 24
194.169.54.0/24 maxlen: 24
195.245.219.0/24 maxlen: 24
195.245.241.0/24 maxlen: 24
195.245.242.0/24 maxlen: 24
2a09::/48 maxlen: 48
2a0d:c7c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:71:8c:42:6d:bd:ed:b2:57:fa:6e:88:57:15:5d:78:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Aug 20 20:48:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e057f25e044447af7190534463826093e23d073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a1:b1:69:4e:7f:83:2d:97:83:a0:34:da:e3:
ee:d7:d8:ce:57:07:dc:e4:30:5e:e7:fe:93:9b:7d:
cd:79:35:dd:3f:27:70:eb:0b:d0:74:54:40:e4:74:
a6:c4:c2:d3:7d:66:dd:dd:8a:37:4d:80:16:b8:f0:
49:64:bc:d7:ae:df:ee:a9:98:70:00:74:67:3c:12:
2f:ad:a8:b7:ae:40:c5:8e:ab:23:e9:40:9f:9b:57:
10:a8:a5:2d:33:1a:d4:dc:32:64:6e:ec:4c:a9:66:
08:44:ed:a0:e3:fa:db:b4:25:b8:99:f8:8b:d8:ad:
7e:bb:84:71:43:a3:7c:6c:7a:01:aa:b2:7a:ca:fc:
26:3c:08:19:44:78:f8:c6:17:bd:c2:48:76:82:c2:
45:5b:1d:8f:54:c4:6e:e6:a8:01:fa:77:b7:34:12:
83:8c:fd:64:ee:13:8c:92:8a:6c:42:46:18:53:b2:
63:eb:e0:01:52:90:4b:51:0e:04:29:b1:98:d8:82:
5e:50:f1:c7:6b:3a:51:27:a8:44:5c:b1:78:08:65:
ff:12:e4:28:52:1e:f1:2e:ee:7a:39:22:da:95:db:
99:a1:dc:f3:0e:24:a6:53:92:01:32:bd:33:3a:a5:
d3:ec:e2:e9:dd:c2:17:14:0b:47:ce:d5:28:c9:54:
a8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:05:7F:25:E0:44:44:7A:F7:19:05:34:46:38:26:09:3E:23:D0:73
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/fgV_JeBERHr3GQU0RjgmCT4j0HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.45.0/24
45.13.196.0/22
45.87.164.0/22
45.130.20.0/22
45.139.193.0/24
45.143.232.0/22
45.153.244.0/22
62.3.15.0/24
79.143.140.0/22
80.66.196.0/24
94.124.116.0/22
141.98.196.0/22
146.19.116.0/24
185.194.52.0/22
185.200.64.0/22
185.222.216.0/21
185.248.87.0/24
193.163.19.0/24
194.36.24.0/24
194.36.242.0/24
194.104.152.0/22
194.169.54.0/23
195.245.219.0/24
195.245.241.0-195.245.242.255
IPv6:
2a09::/48
2a0d:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:0f:aa:57:95:49:d1:71:6b:3a:98:7c:e6:ea:e5:8e:80:ba:
45:83:c1:f0:f2:94:46:e7:38:84:b5:52:b7:7d:65:64:0d:c1:
8a:bc:c2:eb:fa:24:f2:66:e6:9d:87:9c:f4:d8:71:0d:2c:73:
3b:0c:cb:3d:2d:d0:7c:9b:23:a5:b8:48:59:ee:20:d2:0f:7c:
07:e6:cc:12:da:78:2e:e3:a4:48:5a:8e:94:2a:d6:08:6d:1a:
d1:3c:86:c9:e0:c3:6f:98:b2:e9:e3:11:e0:74:20:d3:28:ea:
b0:96:92:e3:31:26:fd:de:4b:d7:54:1b:f3:30:e8:7e:d0:2d:
5a:87:ac:a7:79:a1:db:92:75:d5:88:61:ee:0a:c7:13:d5:2a:
22:79:c9:2f:b7:ff:07:ad:66:b7:c4:34:a7:c3:4f:52:cd:bd:
90:02:ac:5f:b8:bc:17:2b:34:5f:a3:61:14:82:2c:9f:1b:c5:
1c:54:f7:75:72:e2:7d:e2:f3:cf:99:b6:6b:58:6e:d0:f2:b0:
a9:ec:37:63:bf:aa:8e:8a:38:12:64:42:18:7e:5d:07:d0:53:
c5:0b:df:83:74:98:99:ec:ce:91:52:a0:a7:fe:bc:73:b2:5a:
7d:c4:b3:ea:80:f6:88:21:32:98:ae:a1:ea:e2:c6:ca:b2:f0:
4d:29:76:fd
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZFxjEJtve2yV/puiFcVXXg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjQwODIwMjA0ODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTA1N2YyNWUwNDQ0NDdhZjcxOTA1MzQ0NjM4MjYwOTNlMjNkMDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqGxaU5/gy2Xg6A02uPu19jOVwfc
5DBe5/6Tm33NeTXdPydw6wvQdFRA5HSmxMLTfWbd3Yo3TYAWuPBJZLzXrt/uqZhw
AHRnPBIvrai3rkDFjqsj6UCfm1cQqKUtMxrU3DJkbuxMqWYIRO2g4/rbtCW4mfiL
2K1+u4RxQ6N8bHoBqrJ6yvwmPAgZRHj4xhe9wkh2gsJFWx2PVMRu5qgB+ne3NBKD
jP1k7hOMkopsQkYYU7Jj6+ABUpBLUQ4EKbGY2IJeUPHHazpRJ6hEXLF4CGX/EuQo
Uh7xLu56OSLalduZodzzDiSmU5IBMr0zOqXT7OLp3cIXFAtHztUoyVSoQQIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFH4FfyXgRER69xkFNEY4Jgk+I9BzMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvZmdWX0plQkVSSHIzR1FVMFJqZ21DVDRqMEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBnwQCAAEwgZgDBAAt
Cy0DBAItDcQDBAItV6QDBAItghQDBAAti8EDBAItj+gDBAItmfQDBAA+Aw8DBAJP
j4wDBABQQsQDBAJefHQDBAKNYsQDBACSE3QDBAK5wjQDBAK5yEADBAO53tgDBAC5
+FcDBADBoxMDBADCJBgDBADCJPIDBALCaJgDBAHCqTYDBADD9dswDAMEAMP18QME
AMP18jAWBAIAAjAQAwcAKgkAAAAAAwUAKg3HwDANBgkqhkiG9w0BAQsFAAOCAQEA
kw+qV5VJ0XFrOph85urljoC6RYPB8PKURuc4hLVSt31lZA3BirzC6/ok8mbmnYec
9NhxDSxzOwzLPS3QfJsjpbhIWe4g0g98B+bMEtp4LuOkSFqOlCrWCG0a0TyGyeDD
b5iy6eMR4HQg0yjqsJaS4zEm/d5L11Qb8zDoftAtWoesp3mh25J11Yhh7grHE9Uq
InnJL7f/B61mt8Q0p8NPUs29kAKsX7i8Fys0X6NhFIIsnxvFHFT3dXLifeLzz5m2
a1hu0PKwqew3Y7+qjoo4EmRCGH5dB9BTxQvfg3SYmezOkVKgp/68c7JafcSz6oD2
iCEymK6h6uLGyrLwTSl2/Q==
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:29:03 2024 by rpki-client on console-fra.rpki-client.org